Re: Prepared statements considered harmful

On Thu, Aug 31, 2006 at 06:43:38PM +0100, Gregory Stark wrote:
> Peter Eisentraut <peter_e(at)gmx(dot)net> writes:
> > - Redefine "prepared" to mean "parsed" rather than "parsed and planned".
>
> Then you would be going very much against the user's expectations.
>
> Driver interfaces expose very clearly to the user an explicit interface to
> prepare and execute a query separately. What your proposing is to go behind
> the user's back and do what he's gone out of his way to tell you not to do.
> You can always choose to prepare your queries immediately before use. Most
> drivers even supply an interface to do so in a single step for convenience.

Is that really so? Under Perl DBI, the only way to get a statement
handle is to "prepare" it. Yet I don't want to use server-side prepares
because I know of the problems it causes. The "single-step" approach
provides no statement handle at all, which has several drawbacks.

People are encouraged to use prepared stataments for clarity and
security reasons, not speed. I would really like an option to choose
between:

- slightly more planning time but always good plans
- plan once and be unforgiving if the plan doesn't work with the
parameters

I'd take the first option anyday, but that's just the types of queries
I'm doing.

Have a nice day,
--
Martijn van Oosterhout <kleptog(at)svana(dot)org> http://svana.org/kleptog/
> From each according to his ability. To each according to his ability to litigate.